<?php



function getConnection() {
    $dbhost = "127.0.0.1";
    $dbuser = "root";
    $dbpass = "";
    $dbname = "backbone";
    $dbh = new PDO("mysql:host=$dbhost;dbname=$dbname", $dbuser, $dbpass);
    $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    return $dbh;
}

function authorize($role = "user") {
    return function () use ( $role ) {
                //echo "authorize1";
                $app = new \Slim\Slim();
                if (!empty($_SESSION['user'])) {
                    //echo "authorize2";
                    if ($_SESSION['user']['role'] == $role) {
                        //echo "authorize3";
                        return true;
                    } else {
                        // If a user is logged in, but doesn't have permissions, return 403
                        $app->halt(403, 'You shall not pass!');
                    }
                } else {
                    // If a user is not logged in at all, return a 401
                    $app->halt(401, 'You shall not pass!');
                }
            };
}

?>
